Welcome to BERKE1337, a group of computer security enthusiasts at UC Berkeley. We meet on a regular basis to hack, defend, educate, and have fun.
Our team competes in the Western Regional Collegiate Cyber Defense Competition each year, in addition to a variety of smaller offensive security competitions. In our meetings we practice hands-on security in both offensive and defensive roles. Past practices have involved reversing custom-built Windows malware, setting up a network intrusion monitor with any Linux machine in less than 5 minutes, and cracking ciphers for security capture-the-flag competitions.
BERKE1337 was originally founded as a team to compete in the Western Regional Collegiate Cyber Defense Competition. Since its inception, the team has grown, but this competition is still one of BERKE1337's biggest events. In this competition, our team of eight is given a network of approximately 20 servers and workstations that must be secured against constant attack from a professional security team. Simultaneously, we must complete objectives given to us by the competition organizers, such as setting up new roles for servers or reconfiguring network topology. First place in WWRCDC advances to the National Collegiate Cyber Defense Competition.
CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world. Reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which can be useful in a CTF.
Throughout the year, BERKE1337 holds many workshops and practices so members can gain key knowledge in computer security. Workshops range in subject matter and skill level. Examples of past workshop topics include firewalls, malware, and intrusion detection systems. All workshops are announced over the mailing list.
An incomplete list of some of our members.
CS PhD student in Security with a focus on Cryptography. Building systems that compute on encrypted data. Breaking systems for fun and profit. Discovered a vulnerability in the implementation of the Signal protocol in WhatsApp. My blog.
Sophomore EECS. Primarily Windows-side defense though also experienced in Debian. Can find me hanging around with OCF, PiE, and HKN.
Sophomore EECS guy. I like doing CTFs. I also screw around on Linux machines. I also am an instructor for the IEEE Micromouse decal!
Paste me in terminal!
; clear; echo 'Haha! You did it!';
echo -ne 'ayyy ## (10%)\r';
echo -ne 'ayyy ### (20%)\r';
echo -ne 'ayyy ##### (33%)\r';
echo -ne 'ayyy ####### (40%)\r';
echo -ne 'ayyy ########## (50%)\r';
echo -ne 'ayyy ############# (66%)\r';
echo -ne 'ayyy ##################### (99%)\r';
echo -ne 'ayyy ####################### (100%)\r';
echo -ne '\n';
Fourth-year physics and math major. Works as a technical security lead for SAIT - ResComp's Information Security team.
Sophmore Computer Science and Economics major at Berkeley. Treasure of the club. Use to be a datascience tutor but now doing security research under David Wagner.
Junior in CS with a music minor. Interested in security, graphics, and belltowers.
OCF Site Manager, security enthusiast, and EECS undergrad. Most experienced hacking around with Linux, but enjoys playing around with other systems too.
4th year EECS undergrad at UC Berkeley. Interested in machine learning and cyber security. External Relations and Firewall/Network Forensics team member. TA'ing for Computer Security at Cal and part of Prof. David Wagner's Spear Phishing research group.
An incomplete list of some of our alumni.
I'm a 4th year CS student that has been in interested in security for some time. Started CalSEC with Max Burkhardt and another friend in freshman year, been pretty active in security research and reading since. I enjoy Linux Administration and developing software in a security conscious fashion with a little bit of offense now and again.
Hacking computers since 1996. Expertise in network, web and software security. Also sometimes uses a soldering iron. Broke T-Mobile Wi-Fi Calling in 2013.
I'm a 4th year EECS student. I work at ResComp as the Lead Unit Supervisor, so I oversee all the tech support for the dorms. I find security really interesting, and took CS161 last year. I spent about a year doing tech support myself so I have plenty of experience with malware, in addition to getting really good at project management and giving presentations.
I'm a 4th year CS major. I helped start up the team and I'm very interested in the policy, networking, and incident response aspects of security. I'm most familiar with cyber defense games, but I've been trying my hand at network and systems forensic challenges for CTFs and I'm having lots of fun. I also manage the website for UC Berkeley IEEE and was a member of the Student Technology Council.
I'm a Nth year undergrad. I like building things more than breaking them. I've made webapps, a voice-activated TV, and a X11 window layout tool. My BERKE1337 specialty is Linux sysadminning. I'm a programmer at Residential Computing, and I also designed their website.
I'm a 4th year EECS student with a focus in security. I was once Lead Information Security Engineer for Student Affairs at Cal, and am now doing dev work for Berkeley Information Security and Policy. I've also done penetration testing for iSEC Partners, a San Francisco-based security consultancy. I like fighting with and creating malware, and recently I've been learning a bit about hacking the airwaves (SDR).
EECS student. Lead Information Security Engineer at UC Berkeley Student Affairs. Director of photography and design at UC Berkeley IEEE. Trombonist in the Cal Band.
We frequently get questions about how to get started in the field of cybersecurity. One of our goals is to help teach the field in our workshops and through competitions, but if you're looking for some extra material, have a look below:
Above all, the best way to learn security is by doing it. Read some of the materials, find an attack or defense you'd like to try, set up a test environment (don't attack anyone else's stuff), and have at it!